On April 7, 2014 a severe vulnerability called “Heartbleed” was announced. Heartbleed is a vulnerability within the OpenSSL 1.0.1 series software that is described in the NIST CVE-2014-0160 announcement. In short, this vulnerability allows hackers access to portions of a vulnerable system’s memory, leading to the potential exposure of passwords, sensitive data, and certificate private keys on affected systems. Heartbleed accomplishes this by exploiting a weakness in the “TLS Heartbeat Extension,” exposing server memory. Even worse, this heartbeat attack can be repeated without the awareness of the victim, and each iteration reveals another 64k snapshot of memory to the attacker. This very serious vulnerability exposes the most sensitive data of affected systems.
The good news: the vulnerability has a patch. However, the widespread adoption of the OpenSSL 1.0.1 series software, coupled with the two years that this vulnerability has existed, means that the risks attributable to Heartbleed are enormous. Current estimates predict that over 500,000 systems may be vulnerable. Specifically, the Heartbleed vulnerability affects those systems that use OpenSSL 1.0.1 (a-f). Unfortunately, since this software is so widely implemented, many popular OS platforms are affected and thus vulnerable. I would suggest visiting the CERT Web Site for a more list of affected platforms. It is worth mentioning that this is a developing story, and as such, the list of affected platforms is likely to change.
It is important to understand that this vulnerability is not limited to just web servers. Given OpenSSL’s popularity, today’s trend to the “Internet of Things,” and the fact that many modern devices now ship with SSL protected web configuration interfaces, the scope of potentially vulnerable devices is immense. Everything from network routers to industrial control systems have the potential to be vulnerable.
Determining the extent of your exposure to this vulnerability can be a non-trivial challenge to a large organization. The determination of vulnerability will undoubtedly include a review of those corporate platforms that are affected, and a review of the OpenSSL versions in use on those systems. Additionally, if you are running the latest version of OpenSSL, there are scripted methods that can be used to interactively query a system to determine its vulnerability such as the command line below:
echo -e "quit\n" | openssl s_client -connect 192.168.1.1:443 -tlsextdebug 2>&1 | grep 'server extension "heartbeat" (id=15)' || echo safe
Finally, there are online sites that given a DNS host and port, may check for the Heartbleed vulnerability.
If one determines that their site or server is vulnerable, then what? What is the best course of action?
If a server is determined to be vulnerable, then to be completely safe, one must assume that all sensitive data that may have ever been in the memory of that system has been compromised. It’s important to remember that this vulnerability has been a part of the OpenSSL code base for over 2 years. And given the untraceable nature of this exposure, there is no sure way to determine the extent of any attack, therefore all data on affected systems should be suspect.
- All affected accounts should have their passwords reset.
- All vulnerable system certificates with private keys not protected by an HSM or cryptographic hardware should be revoked and replaced with certificates containing new keys.
- Any sensitive data would need to be evaluated as to its compromise.
It’s also important to understand that this is not a compromise of PKI, SSL, TLS or X.509 certificates. Heartbleed is more of an exploit of the systems that use PKI. And as such, any new certificates that are required to re-key vulnerable systems, would be subject to the original certificate requirements that were used to create the original certificates. That said, CSS always suggests that during any certificate re-keying or re-enrollment event, an analysis of the key size, hash algorithm, and chaining requirements be performed as a part the overall certificate enrollment process.